Adding SSH keys for virtual machines

Use of SSH keys allows you to secure SSH access to virtual machines. You can generate a key pair on a client from which you will connect to VMs via SSH. The private key will be stored on the client and you will be able to copy it to other nodes. The public key will need to be uploaded to Virtuozzo Hybrid Infrastructure and specified during VM creation. It will be injected into the VM by cloud-init and used for OpenSSH authentication. Keys injection is supported for both Linux and Windows virtual machines.

Limitations

  • You can specify an SSH key only if you deploy a VM from a template or boot volume (not an ISO image).
  • If a key has been injected into one or more VMs, it will remain inside those VMs even if you delete it from the panel.

Prerequisites

  • The cloud-init utility and OpenSSH Server are installed in a VM template or boot volume, as instructed in Preparing templates.

To add a public key

Admin panel

  1. Generate an SSH key pair on a client by using the ssh-keygen utility:

    # ssh-keygen -t rsa
  2. On the Compute > Virtual machines > SSH keys tab, click Add key.
  3. In the Add SSH key window, specify a key name and copy the key value from the generated public key located in /root/.ssh/id_rsa.pub. Optionally, you can add a key description.

    A description should not contain any personally identifiable information or sensitive business data.

Command-line interface

  1. Generate an SSH key pair on a client by using the ssh-keygen utility:

    # ssh-keygen -t rsa
    
  2. Upload the public key to the compute cluster. For example, to create a public SSH key called mykey, run:

    # vinfra service compute key create --public-key /root/.ssh/id_rsa.pub mykey
    

The new SSH key will appear in the vinfra service compute key list output:

# vinfra service compute key list
+-------+-------------+----------------------------------+
| name  | description | created_at                       |
+-------+-------------+----------------------------------+
| mykey |             | 2021-06-15T12:24:27.814043+00:00 |
+-------+-------------+----------------------------------+

To delete a public key

Admin panel

  1. On the Compute > Virtual machines > SSH keys tab, select the SSH key you want to delete, and then click Delete.
  2. Click Delete in the confirmation window.

If this key has been injected into one or more virtual machines, it will remain inside those virtual machines.

Command-line interface

Use the following command:

vinfra service compute key delete <ssh-key>
<ssh-key>
SSH key name

For example, to delete the SSH key mykey, run:

# vinfra service compute key delete mykey